InfoSecBulletin Cybersecurity for mankind
New guidance on ransomware, released during this week’s International Counter Ransomware Initiative (CRI) meeting, encourages victims to report attacks to law enforcement promptly and to consult more advisors before deciding to pay a ransom.
Cybersecurity experts from about 70 countries are gathering at the White House this week for the fourth International Counter Ransomware Initiative meeting. This annual event, initiated in 2021, aims to tackle recent ransomware attacks and develop new mitigation strategies.
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
xAI Dev Leaks API Key for Private SpaceX, Tesla & Tweeter
SonicWall Exploit Chain Exposes Admin Hijack Risk via 2 CVEs
TikTok fined €530 million for sending E.U. Data to China
Microsoft New Accounts Go Passwordless By Default
SonicWall Patched for SSRF Vulnerability in SMA1000 Appliances
The UK and Singapore governments released voluntary guidance to help victims of ransomware attacks respond effectively and reduce the impact.
Victims are urged to report attacks and ransom demands to law enforcement and cyber insurance providers. While paying ransoms is not recommended, if victims choose to do so, they should ensure it could positively impact the situation and meets local regulations.
“External experts such as insurers, national technical authorities, law enforcement or cyber incident response companies familiar with ransomware incidents can improve the quality of decision-making,” according to the new guidance. Officials also pointed out that paying the ransom does “not guarantee access to your devices or data.”
Ransomware victims should document their incident response, decisions for mitigating the attack, and any collected data for future reviews. They must also be aware of the regulatory penalties for data breaches.
“Overall, the advice feels complete and aligned,” said Casey Ellis, founder and chief strategy officer at Bugcrowd. “The only change I would consider would be to move the record-your-decision-making to the top of the list. Dealing with these types of incidents can very easily and quickly create a fog-of-war effect inside a ransomed organization.”
Participants at the event worked on various initiatives, such as finalizing a project on secure software and labeling principles by the U.K. and U.S. governments. They also announced the launch of an information-sharing member portal by Australia and a new U.S. government fund to enhance members’ cybersecurity capabilities.
The updated guidance was released following a joint effort by the U.S., U.K., and European governments to arrest and indict members of the Russian cybercriminal underground, including targets like LockBit and Evil Corp.
The U.K. NCSC and the White House did not immediately respond to requests for comments from Information Security Media Group.
